nl80211: Check ethertype for control port RX

nl80211 control port event handling previously did not differentiate
between EAPOL and RSN preauth ethertypes. Add checking of the ethertype
and report unexpected frames (only EAPOL frames are supposed to be
delivered through this path).

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
This commit is contained in:
Markus Theil 2020-04-11 12:25:18 +02:00 committed by Jouni Malinen
parent 932546ac28
commit 6f70fcd986

View File

@ -2505,12 +2505,34 @@ static void nl80211_sta_opmode_change_event(struct wpa_driver_nl80211_data *drv,
static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv,
struct nlattr **tb)
{
if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_FRAME])
u8 *src_addr;
u16 ethertype;
if (!tb[NL80211_ATTR_MAC] ||
!tb[NL80211_ATTR_FRAME] ||
!tb[NL80211_ATTR_CONTROL_PORT_ETHERTYPE])
return;
drv_event_eapol_rx(drv->ctx, nla_data(tb[NL80211_ATTR_MAC]),
nla_data(tb[NL80211_ATTR_FRAME]),
nla_len(tb[NL80211_ATTR_FRAME]));
src_addr = nla_data(tb[NL80211_ATTR_MAC]);
ethertype = nla_get_u16(tb[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
switch (ethertype) {
case ETH_P_RSN_PREAUTH:
wpa_printf(MSG_INFO, "nl80211: Got pre-auth frame from "
MACSTR " over control port unexpectedly",
MAC2STR(src_addr));
break;
case ETH_P_PAE:
drv_event_eapol_rx(drv->ctx, src_addr,
nla_data(tb[NL80211_ATTR_FRAME]),
nla_len(tb[NL80211_ATTR_FRAME]));
break;
default:
wpa_printf(MSG_INFO, "nl80211: Unxpected ethertype 0x%04x from "
MACSTR " over control port",
ethertype, MAC2STR(src_addr));
break;
}
}